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An interception method for performing a lawful 
interception in a packet network, comprising the steps of: 

a) providing a first network element (LIN) having an 
interception function for intercepting data packets; 

b) controlling said interception function by an 
intercept ion\control means (26) implemented in a second 
network element (LIG) ; and 

c) transmitting an intercepted data packet from said 
first network element (LIN) via said packet network to an 
interception gateway\element (LIG) providing an interface 
to at least one intercepting authority (LEA) . 



20 



2. A method according to\claim 1, wherein said 
interception gateway element\(LIG) is integrated in said 
second network element. 

3. A method according to claim f\or 2, wherein a header 
of a data packet is read by said network element (LIN) and 
data packets to be intercepted are duplicated. 



25 4. A method according to any one of the ^preceding claims, 
wherein said intercepted data packet is transmitted to said 
interception gateway element (LIG) using a sefcure tunnel . 

5. A method according to claim 4, wherein saidXsecure 
3 0 tunnel is implemented by an encryption processing. 
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6. A method according to any one of the preceding claims, 
wherein said intercepted data packet is transmitted vie 
interworking units (IWU) and encrypted between said 
interworking units, when said first network element (LIN) 
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and said interception gateway element (LIG) are arranged in 
separate network segments . 




7. ^ method according to any one of the preceding claims, 
whereih said first network element is provided in each 
network \segment of said packet network. 

8, A method according to any one of the preceding claims, 
wherein received intercepted data packets are collected in 
said interception gateway element (L.IG) and supplied to an 
interface of said at least one intercepting authority 
(LKA) 



9. A method according to claim 8, wherein said interface 
15 comprises a first interface for administrative tasks, a 

second interface for network signaling, and a third 
interface for intercepted, user data. 

10. A method according to any one of the preceding claims, 
20 wherein said intercepting function comprises a packet 

sniffing and filtering function\ 
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11. A method according to claim 10\ wherein said 
intercepting function is implemented\^.n the Gn interface. 

12. A method according to any one of tlie preceding claims, 
wherein said interception function comprises reading data 
packets, analyzing the header of the data packets as to 
whether the data packet should be intercepted! or not, and 
transmitting the data packet to said interception gateway 
element (LIG) , and a management function for interception 
and transmission criteria. 



13. A method according to any one of the preceding\ claims , 
3 5 wherein an alarm is transmitted to said interceptionN 
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teway element (LIG) and all interception information of a 



respective network element (LIN) is deleted, when a 
breakage of a casing of the respective network element has 
been cietected. 

14. A method according to any one of the preceding claims, 
wherein fake packets are transmitted from said network 
element (LIN) to said interception gateway element (LIG) . 



10 



15 



15. A method ^pcording to claim 14, wherein said fake 
packets are transmitted at random or triggered at any 
passing packet, sxiph that the total load of intercepted and 
fake packets transmitted to said interception gateway 
element (LXG) is constant. 



16, A method according \:o any one of the preceding claims, 
wherein said intercepted o^ta packet is padded to a maximum 
length . 



20 17. A method according to any\one of the preceding claims, 
wherein a time information is achjled to said intercepted 
data packet . 



18. An interception system for performing a lawful 
25 interception in a packet network, comprising: 

a) a first network element (LIN) haviitej an interception 

function for intercepting data packets and comprising a 

transmitting means (14) for transmitting ai\ intercepted 

data packet to said packet network; 
30 b) an interception control means (26) implemented in a 

second network element (LIG) and controlling tl 

interception function; and 

c) an interception gateway element (LIG) having\a 
receiving means (21) for receiving said intercepted data 
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packet and an interface means (27) for providing an 

interface to at least one intercepting authority (LEA) 



19. A\system according to claim 18, wherein said second 
network Wement corresponds to said interception gateway 
element (IjIG) . 
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20. A system according to claim 18 or 19, wherein said 
first network^ element (LIN) further comprises an encrypting 
means (12) f or\encrypting said intercepted data packet. 



15 



21. A system according to any one of claims 18 to 20 , 
wherein said first Vietwork element (LIN) further comprises 
a means (13) for generating fake packets to be transmitted 
with said intercepted\data packets. 
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22. A system according tsx> anyone of claims 18 to 21, 
wherein said first netwom element (LIN) comprises a 
reading means (11) for reading a header of a received data 
packet and for duplicating axiata packet to be intercepted. 

23. A system according to claink22 / wherein said reading 
means (11) is arranged to pad saiia copied data packet to a 
maximum length. 

24. A system according to anyone of claims 18 to 23, 
wherein said first network element (LIn\ is a gateway 
element of said packet network. 



30 25. A system according to any one of claim^ 18 to 23, 

wherein said first network element (LIN) is A BG, an SGSN 
or a GGSN. 
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26. A system according to claim 24 or 25, wherein an 
interception information defining a data packet t\ be 
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intercepted is included in a context information supplied 
to said first network element (LIN) and used for routing 
data packets. 

27. a\ system according to claim 26, wherein said 
interception control means (26) comprises a storing means 
for storing an interception list, and wherein said 
interception control means (26) is arranged to add said 
interceptiori information to said context information 
supplied to said first network element. 

28. A system according to any one of claims 18 to 27, 
wherein said firsK network element (LIN) is arranged in 
each segment of saicd packet network. 

29. A system according to anyone of claims 18 to 28, 
wherein said first network element (LIN) comprises a 
control means (15) for controlling interception and 
encryption processing in accordance with an interception 
setting instruction receivecK f rom said interception control 
means (26) • \ 

30. A system according to anyone^ of claims 18 to 29, 
wherein said interception gateway Vlement (LIG) comprises a 
memory means (25) for storing received intercepted data 
packets before supplying them to saidNinterf ace means (27). 

31. A system according to claim 30, wherein said 
interception gateway element (LIG) comprises a decryption 
means (22) for removing an encryption of the, received 
intercepted data packets, an extraction means\ (23) for 
extracting intercepted data packets from fake qata packets, 
and a means (24) for adding a time information tro said 
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received intercepted data packets before storing them in 
said memory means (25) * 



32. A Wstem according to any one of claims 18 to 31, 
wherein Vaid first network element (LIN) comprises a 
detectingyneans for detecting a malfunction and/or breakage 
thereof, and signaling means for signaling an alarm to said 
intercept ior\ gateway element (LXG) in response to an output 
of said detecting means . 

33. A network element for a packet network, comprising: 

a) an interception means (11 # 15) for intercepting a data 
packet received from\said packet network, and 

b) a transmitting means (14) for transmitting said 
intercepted data packet Via said packet network to an 
interception gateway element, 

c) wherein said interception means is controlled by an 
interception control means (a6) arranged in another network 
element (LIG) . 

34. An interception gateway element for an interception 
system of a packet network, comprising: 

a) a receiving means (21) for receiving an intercepted 
data packet via said packet network fispm a network element 
(LIN) having an interception function; \md 

b) an interface means (27) for providing an interface to 
an intercepting authority (LEA) . 



35. An interception gateway element according to claim 34, 
further comprising an interception control me^is (26) for 
controlling said interception function of said Network 
element (LIN) . 



